Dropped an archive here for a bit if anyone can use it
http://e.volve.net/downloads/eosc.zip
Knocked this together in a hurry and off of the Github Master so it's probably only good for comparison/reference. I'll see if I can give it some proper attention in the next couple days but here it is for now.

STS is basically just placeholders for output from osC. Since you've fixed up the html output it just lets you have a series of content slots you can wrap in DIVS - the output of boxes.php included. You could always do that with STS but the guts of a stock osC would thwart a true CSS layout.
I can zip up my install if you want to take a look at it. There was a little fiddling involved.
Doh! Taking another look at it I take that back. There's still some more fiddling to be done. The problems are mostly with some unclosed divs I think but that's my fault. I'll finish it up, take some notes and let you know.

If it's any help I immediately installed STS after your contrib. Not heavily tested but works fine as far as I can see. Basically you just need to strip all the html out of the STS template. Kind of exciting as it makes using Blueprint or 960 grid a nice possibility as well as having A LOT of control over individual pages, boxes etc. It'll even accept conditionals in a template ala WP or Drupal so it opens a bunch of doors a single template might not.
You and Bill Kellum should chat a bit about the possibilites :thumbsup:

Impressive, time consuming work. Merged onto Git master pretty easily and displays very nicely. Been talked about for a LONG time and even considered doing it myself but could never commit. Worthy of being considered for merging into osCommerce Online Merchant v2.x master I think. Thanks for your work!

Woops. Sorry about that. I picked up this thread from View New Content and didn't see it was posted in Payment Modules/Authorize.
Anyways, I think you should review Anet's features then :-"
Maybe the Fraud Detection Suite would be worth the extra cash?
http://www.authorize.net/solutions/merchantsolutions/merchantservices/frauddetectionsuite/
You can also set your payment module to authorize only instead of authorize and capture. Then you'll have time to review the transaction and manually run it once you call it good.
Not sure what security juice you can apply otherwise. :'(

You don't say who you're gateway is or if you have one so that would be good to know :thumbsup:
A reasonable gateway should have an AVS (address verification system) in place you can use to weed out this kind of fraud and protect yourself.
Authorize.net is my choice and recommendation to folks but there are plenty of supported processors.
Get one if you haven't and if you have give them a call and see what measures you can setup.
Hope that helps,
Iggy

It's not easy being impatient and dumb at the same time I tell you what :rolleyes:
Part of the problem - line146 of coupon_admin.php in CCGV(trad)
$insert_id = tep_db_insert_id($query);
Golly if this edit doesn't get it working
$insert_id = tep_db_insert_id();
I suppose that makes sense (??) given the new function? Still not really understanding why it's throwing the error and failing to relate the 2 tables with ($query) but beggars can't be choosers :P

OK. Back to CCGV(trad) because I just can't let it go.
Currently it's semi-functional; can add or delete(make inactive) coupons.
The weirdness comes into play when inserting the coupon into the database from preview (where it passes everything in correctly).
On insertion it throws this error
Warning: mysql_insert_id() expects parameter 1 to be resource, null given in /www/EosC_3.0ccgv/catalog/admin/includes/functions/database.php on line 117
And writes everything to the coupons and coupons_description tables correctly but fails to display the coupon name viewing it from coupons_admin.php
This is line 117 in functions/database.php
function tep_db_insert_id($link = 'db_link') {
global $$link;
return mysql_insert_id($$link);
}
and reviewing MS2 this is the function previously - and which makes everything work as expected when swapped into the current running store
function tep_db_insert_id() {
return mysql_insert_id();
}
So I am prepared to be schooled if there's a teacher in the house :D
Thanks for any clarification or input you can provide.
Iggy